<?php 
//Name: login.php
//Purpose: This script is for loggging a user in to the application
//CreateDate: 10/01/12

//to check if login form was subitted
if(isset($_POST["submitLogin"]))
{
	if(isset($_POST['username']) && isset($_POST['password']) )
	{
		$sanitized_username = filter_var($_POST['username'], FILTER_SANITIZE_STRING);
		$password = $_POST['password'];
		
		include 'util.php';
		
		$loginSuccess = loginUser($sanitized_username, $password);
		
		if($loginSuccess != null && $loginSuccess != "")
		{
			session_name('login');
			session_start();
			$_SESSION['username'] = $loginSuccess;
			usernameIsAdmin($loginSuccess);
			unset($_SESSION['invalidLogin']);
			session_write_close();
			header("location: /home.php");

		}
		else
		{
			session_name('login');
			session_start();
			$_SESSION['username'] = null;
			$_SESSION['invalidLogin'] = true;
			session_write_close();
			header("location: /home.php");
		}
	}
}
else 
{
	header("location: /loginformheader.php");
}

?>